Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

32 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-18927

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.0017EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2023-41801

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00068EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-23868

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00167EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/08/08 12:29 a.m.7 views

CVE-2025-50740

AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting xss vulnerability. The AutoConnect web interface /ac/config allows HTML/JS code to be executed via a crafted network SSID...

6.1CVSS5.9AI score0.00167EPSS
Exploits0References1
OSV
OSVadded 2025/08/06 9:15 p.m.0 views

CVE-2025-50740

AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting xss vulnerability. The AutoConnect web interface /ac/config allows HTML/JS code to be executed via a crafted network SSID...

6.1CVSS5.2AI score
Exploits0References2
NVD
NVDadded 2025/08/06 9:15 p.m.2 views

CVE-2025-50740

AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting xss vulnerability. The AutoConnect web interface /ac/config allows HTML/JS code to be executed via a crafted network SSID...

6.1CVSS0.00167EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/08/06 12:0 a.m.1 views

AutoConnect 安全漏洞

AutoConnect is an Arduino library by the individual developer Hieromon Ikasamo. A security vulnerability exists in AutoConnect version 1.4.2, which stems from the AutoConnect web interface /ac/config that allows execution of HTML/JS code in a specially crafted network SSID, potentially leading to...

6.1CVSS6.3AI score0.00167EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/08/06 12:0 a.m.4 views

CVE-2025-50740

AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting xss vulnerability. The AutoConnect web interface /ac/config allows HTML/JS code to be executed via a crafted network SSID...

5.9AI score0.00167EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/08/06 12:0 a.m.9 views

CVE-2025-50740

AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting xss vulnerability. The AutoConnect web interface /ac/config allows HTML/JS code to be executed via a crafted network SSID...

0.00167EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/08/06 12:0 a.m.4 views

PT-2025-32215 · Unknown · Autoconnect

Name of the Vulnerable Software and Affected Versions: AutoConnect version 1.4.2 Description: AutoConnect, an Arduino library, contains a cross-site scripting XSS issue. A crafted network SSID can execute HTML/JS code through the AutoConnect web interface / ac/config. Recommendations: At the...

6.1CVSS5.7AI score0.00167EPSS
Exploits0References5
CVE
CVEadded 2025/08/06 12:0 a.m.12 views

CVE-2025-50740

CVE-2025-50740 affects AutoConnect 1.4.2 (Arduino library) due to a cross-site scripting (XSS) flaw in the web interface at /_ac/config. A crafted network SSID can cause HTML/JS in the SSID to execute in the user’s browser. Descriptions and PoC indicate an attacker could trigger script execution ...

6.1CVSS6AI score0.00167EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/06/23 8:40 a.m.2 views

CVE-2025-50022

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JK WP-FB-AutoConnect wp-fb-autoconnect allows Stored XSS.This issue affects WP-FB-AutoConnect: from n/a through = 4.6.4...

5.9CVSS5.9AI score0.0017EPSS
Exploits0References1
NVD
NVDadded 2025/06/20 3:15 p.m.4 views

CVE-2025-50022

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JK WP-FB-AutoConnect wp-fb-autoconnect allows Stored XSS.This issue affects WP-FB-AutoConnect: from n/a through = 4.6.4...

5.9CVSS0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/06/20 3:3 p.m.1 views

CVE-2025-50022 WordPress WP-FB-AutoConnect plugin <= 4.6.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in justink WP-FB-AutoConnect allows Stored XSS. This issue affects WP-FB-AutoConnect: from n/a through 4.6.3...

5.9CVSS6.9AI score0.0017EPSS
Exploits0References1
CVE
CVEadded 2025/06/20 3:3 p.m.14 views

CVE-2025-50022

CVE-2025-50022 is a stored XSS in the WordPress plug‑in WP-FB-AutoConnect. Affected versions are WP-FB-AutoConnect up to 4.6.3 (per NVD/Red Hat/CVE records). Root cause: improper neutralization of input during web page generation leading to stored cross‑site scripting. Public details indicate the...

5.9CVSS5.9AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/06/20 12:0 a.m.1 views

PT-2025-26379 · WordPress · Wp-Fb-Autoconnect

Name of the Vulnerable Software and Affected Versions: WP-FB-AutoConnect versions through 4.6.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential attackers to inject...

5.9CVSS5.8AI score0.0017EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/06/20 12:0 a.m.1 views

WordPress plugin WP-FB-AutoConnect 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

5.9CVSS5.8AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 7:57 a.m.3 views

CVE-2024-12279

The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a...

6.1CVSS6.4AI score0.00361EPSS
Exploits0References1
OSV
OSVadded 2025/01/04 12:15 p.m.1 views

CVE-2024-12279

The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a...

6.1CVSS5.7AI score
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/01/04 11:16 a.m.9 views

CVE-2024-12279 WP Social AutoConnect <= 4.6.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting

The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a...

6.1CVSS6.5AI score0.00361EPSS
Exploits0References3
Rows per page
Query Builder